When you hear someone say to you “your privacy is protected,” they typically mean something along the lines of your data cannot be used to identify you and/or precautions will be taken to avoid unauthorized access to your data - while these are good efforts for privacy, but they actually are not what privacy is.

Privacy is arguably the most known and encompassing topic in ehealth, but also the least understood even among those who work in the field. So, what exactly is privacy when it comes to ehealth?

Privacy is a set of principles that govern how we can treat data. That's it - privacy itself isn't about non-disclosure of data - privacy is just how we can treat data - governed by a set of principles. Let’s have a look at the two core principles of privacy:

  1. Autonomy
  2. Fair and Transparent Processing


In healthcare, the most widely accepted definition of privacy focuses on the autonomy of the patient. It says that:

Privacy is the ability for the patient to have control over their own data. To preserve privacy means to preserve this ability for the patient.

In practice, autonomy is actualized through consent – two types of consent. Expressed consent, and implied consent.

Expressed consent is very easy to understand. It’s when the data contributor (patient) directly expresses their wishes to the data collector (doctor or more often a medical researcher) how they would like their health information to be used. So if you state out to your doctor that they're ok to use your health record, then your doctor will have expressed consent to use your information. But you probably won't do that explicitly.

That's why we have implied consent. Implied consent refers to consent that is granted by data contributor (patient) to the data collector (healthcare provider) without explicitly declaring it. That is the case when a patient seeks medical treatment – ie. by entering the door to the doctor’s office, the patient is assumed to have granted the doctor access to their personal health information for the purpose of providing care even if they have not explicitly declared so.

Autonomy is a simple concept, but has profound implications in ehealth. Autonomy prepares privacy to be an enabler to the sharing or use of health information. For example, under restrictive legislation (or more importantly, mindset) that normally prevents the use or sharing of health information, autonomy can be exercised to enable the patient to overrule any privacy-related obstacles.

Fair and Transparent Processing

Fairness refers to treatment of data that would be generally expected and in the case of healthcare, accepted, by the patient. Implied consent under Autonomy would be an example of fair use of data. In general, the use of health data should not cause adverse events or harm the individual in any way. Fairness is sometimes referred to as a “common sense” principle to privacy.

In practice, fairness and transparency to privacy is respected when we choose to process health data in a justified and open and honest manner.

While autonomy is viewed as the most important principle to privacy, fair and transparent principles are needed as obtaining consent for the use of health data is often not feasible. For example, in a typical medical research study, consent is obtained during data collection in initial phases of the study. It is often difficult for the researcher to tell upfront exactly how the data will be analyzed – results from one analysis usually informs the design of another. During the course of the study, new research can also be published that can shed light on new uses of old data. Going back to each patient to obtain consent for further analysis is simply not feasible and sometimes not possible, especially if data collection was performed in third-world countries. In these cases, fair and transparent principles of privacy are more important to follow.

My professor summarizes the fairness and transparency principle elegantly:

Picture yourself in court - if the way you handled the patient data were made public, would you be able to defend your own actions?
- Dr. Tanja Gonska

The Fair and Transparent Processing principle suggest that privacy is not necessarily the same everywhere. Privacy is measured against the norms - which can differ from place to place or with the passing of time. As a result, when using health data, it is critical to constantly reflect on "will I be able to explain how I'm using this data to others? How will what I'm doing be measured against the norm?"

So there you have it - Autonomy and Fair and Transparent Processing are the fundamentals that make up privacy in ehealth. If you can grasp these two concepts, you will be equipped with an informed lens to understand privacy legislations and specialized operational processes in healthcare institutions.